Deleted: C:\Windows\System32\config\systemprofile\AppData\LocalLow\avg web tuneup
Deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup
Deleted: C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\wguw992c.default\searchplugins\avg-secure-search.xml
Deleted: C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287\searchplugins\avg-secure-search.xml
No malicious DLLs cleaned.
No malicious WMI cleaned.
No malicious shortcuts cleaned.
Deleted: [Data] - HKCU\Software\Microsoft\Internet Explorer\Main|Start Page [https:\\mysearch.avg.com\?cid={89FED01A-6BDF-4466-BF70-1A6B547FC663}&mid=7be7f47994a847cda1f5ed3ea03875a5-50bf7b189223f2721b05c771b87ec98f9fef8697&lang=en&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2016-04-27 23:44:21&v=4.3.1.831&pid=wtu&sg=&sap=hp]
Deleted: [Key] - HKU\S-1-5-21-2107339062-2504870960-3837946639-1006\Software\Hola
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted: [Key] - HKLM\SOFTWARE\MozillaPlugins\@avg.com\AVG SiteSafety plugin,version=11.0.0.1,application\x-avg-sitesafety-plugin
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\hola.org
No malicious Firefox entries deleted.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.01.2018 01
Ran by Neville (administrator) on VAIO (19-01-2018 06:04:13)
Running from C:\Users\Neville\Desktop
Loaded Profiles: Neville & postgres (Available Profiles: Neville & postgres & Lily & Guest)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\pg_ctl.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\8.4\bin\postgres.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(f.lux Software LLC) C:\Users\Neville\AppData\Local\FluxSoftware\Flux\flux.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\ProgramData\Sony Corporation\VCM Data\UpdateConfig.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUSR.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-11] (Realtek Semiconductor)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [10590208 2013-03-14] (Broadcom Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-09-15] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [295512 2018-01-16] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
HKLM\...\Run: [Bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [534232 2013-10-25] (Broadcom Corporation.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-06] (Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-11-01] (Wondershare)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-09-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499640 2016-12-18] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\Run: [f.lux] => C:\Users\Neville\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-11] (f.lux Software LLC)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\Run: [GoogleChromeAutoLaunch_025349DF926404DCBA5805A40191CC91] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664 2018-01-03] (Google Inc.)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Adda52 Poker\poker.exe [1512960 2017-08-16] (Gauss Networks Pvt. Ltd.)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\MountPoints2: {0d7b0f35-7c44-11e6-bf94-3c77e6dc9c56} - "E:\AutoRun.exe"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\MountPoints2: {0d7b0f59-7c44-11e6-bf94-3c77e6dc9c56} - "E:\AutoRun.exe"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Run: [Google Update] => "C:\Users\Neville\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Run: [Facebook Update] => "C:\Users\Neville\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Run: [GoogleChromeAutoLaunch_025349DF926404DCBA5805A40191CC91] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1592664 2018-01-03] (Google Inc.)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Run: [f.lux] => C:\Users\Neville\AppData\Local\FluxSoftware\Flux\flux.exe [1678840 2017-10-11] (f.lux Software LLC)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PrivateTunnel.lnk [2016-02-29]
ShortcutTarget: PrivateTunnel.lnk -> C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\privatetunnel2.5.5.exe (OpenVPN Technologies)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 202.88.131.90 202.88.131.89 202.88.130.67
Tcpip\..\Interfaces\{04EB17EE-B2FF-4085-A727-6B08D79238AD}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{9B7B8155-9333-41CF-96FD-E241113CFF23}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{A7CA6FDC-65B3-4CF9-B6DE-3266EBD35973}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{A7CA6FDC-65B3-4CF9-B6DE-3266EBD35973}: [DhcpNameServer] 202.88.131.90 202.88.131.89 202.88.130.67
Internet Explorer:
==================
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001 -> {518D4777-9FC5-4AA6-B923-CB7BB495481A} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={89FED01A-6BDF-4466-BF70-1A6B547FC663}&mid=7be7f47994a847cda1f5ed3ea03875a5-50bf7b189223f2721b05c771b87ec98f9fef8697&lang=en&ds=AVG&coid=avgtbavg&cmpid=0616tb&pr=fr&d=2016-04-27 23:44:21&v=4.3.1.831&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.9.605\AVG Web TuneUp.dll => No File
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-25] (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.9.605\AVG Web TuneUp.dll => No File
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-25] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} hxxp://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
FireFox:
========
FF DefaultProfile: zpq2ecz1.default-1395808145287
FF ProfilePath: C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287 [2017-08-31]
FF user.js: detected! => C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287\user.js [2015-10-29]
FF Homepage: Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287 -> google.com
FF Extension: (AVG Web TuneUp) - C:\Users\Neville\AppData\Roaming\Mozilla\Firefox\Profiles\zpq2ecz1.default-1395808145287\Extensions\[email protected] [2016-07-22] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-03-11] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-10] ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll [2013-10-27] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-10] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-27] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-25] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-25] (Microsoft Corporation)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2012-07-13] (Sony Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-12-18] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.ca/
CHR DefaultSearchKeyword: Default -> google.co.in
CHR Profile: C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default [2018-01-19]
CHR Extension: (Magic Actions for YouTube™) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2018-01-14]
CHR Extension: (Google Drive) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Chrome IG Story) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2018-01-14]
CHR Extension: (Adblock for Youtube™) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-06-20]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2017-11-02]
CHR Extension: (Google Search) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Voice Search) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhfkcobomkalfdlmkongnhnhahkmnaad [2017-07-31]
CHR Extension: (Better YouTube Watch History) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\lleajdkalfbohpinoaekajagdefaeckd [2018-01-09]
CHR Extension: (Lightshot (screenshot tool)) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2018-01-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Chrome Media Router) - C:\Users\Neville\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-11]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-12-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [301720 2018-01-16] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [7589200 2018-01-16] (AVG Technologies CZ, s.r.o.)
S2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-09-15] (AVG Technologies CZ, s.r.o.)
S2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2252504 2013-09-05] (Broadcom Corporation.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [319376 2014-10-02] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129824 2013-01-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166688 2013-01-23] (Intel Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-28] (Sony Corporation)
R2 ovpnagent; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe [1493224 2016-02-19] ()
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2012-09-20] (Sony Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-07] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6070272 2013-03-14] (Broadcom Corporation) [File not signed]
R2 postgresql-8.4; C:/Program Files (x86)/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files (x86)/PostgreSQL/8.4/data" -w [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [177536 2018-01-16] (AVG Technologies CZ, s.r.o.)
R1 avgbdisk; C:\WINDOWS\System32\drivers\avgbdiska.sys [166624 2018-01-16] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdrivera.sys [315152 2018-01-16] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsha.sys [193096 2018-01-16] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\System32\drivers\avgbloga.sys [337408 2018-01-16] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniva.sys [51336 2018-01-16] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [39424 2018-01-16] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [139112 2018-01-16] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [102792 2018-01-16] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [76832 2018-01-16] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [1017624 2018-01-16] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [450360 2018-01-16] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [196904 2018-01-16] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [351128 2018-01-16] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [170712 2013-09-05] (Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [8469680 2014-03-14] (Broadcom Corporation)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [30424 2016-03-18] (Sony Mobile Communications)
R3 ptun0901; C:\WINDOWS\system32\DRIVERS\ptun0901.sys [27136 2014-04-25] (The OpenVPN Project)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [29352 2015-10-09] ()
S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-07-31] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)
S3 tapSF0901; C:\WINDOWS\system32\DRIVERS\tapSF0901.sys [39104 2014-03-21] (Spotflux, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
R2 WinisoCDBus; C:\WINDOWS\System32\drivers\WinisoCDBus.sys [204032 2014-02-26] (WinISO.com)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-01-19 06:04 - 2018-01-19 06:06 - 000027265 _____ C:\Users\Neville\Desktop\FRST.txt
2018-01-19 06:03 - 2018-01-19 06:04 - 000000000 ____D C:\FRST
2018-01-19 06:02 - 2018-01-19 06:02 - 002393088 _____ (Farbar) C:\Users\Neville\Desktop\FRST64.exe
2018-01-19 05:59 - 2018-01-19 05:59 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2018-01-19 05:51 - 2018-01-19 05:54 - 000000000 ____D C:\AdwCleaner
2018-01-19 05:46 - 2018-01-19 05:46 - 008198432 _____ (Malwarebytes) C:\Users\Neville\Desktop\AdwCleaner.exe
2018-01-19 00:32 - 2018-01-19 00:32 - 003454787 _____ C:\Users\Neville\Desktop\archive.zip
2018-01-18 20:55 - 2018-01-18 20:55 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-01-16 03:26 - 2018-01-16 03:26 - 000366800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2018-01-15 17:51 - 2018-01-15 17:51 - 000022756 _____ C:\Users\Neville\Desktop\TransactionHistory-45446fa771e3acfe4fbcfa83ebfbe29e7688ac02.csv
2018-01-06 17:50 - 2018-01-06 17:57 - 731078554 _____ C:\Users\Neville\Desktop\bb31dec.mp4
2017-12-29 03:57 - 2017-12-29 11:14 - 000000688 _____ C:\Users\Neville\Desktop\New Text Document (2).txt
2017-12-23 18:48 - 2017-12-23 18:48 - 000000000 ____D C:\ProgramData\Avg_Update_1117tb_a03376
2017-12-23 18:48 - 2017-12-04 21:53 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-23 18:48 - 2017-12-04 21:53 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-22 04:50 - 2017-12-22 04:50 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVG
2017-12-22 04:50 - 2017-12-22 04:50 - 000000000 ____D C:\Program Files\Common Files\AVG
2017-12-22 02:14 - 2018-01-19 03:25 - 000000402 _____ C:\WINDOWS\Tasks\update-sys.job
2017-12-22 02:14 - 2018-01-19 02:38 - 000000402 _____ C:\WINDOWS\Tasks\update-S-1-5-21-2107339062-2504870960-3837946639-1001.job
2017-12-22 02:14 - 2017-12-22 02:14 - 000003272 _____ C:\WINDOWS\System32\Tasks\update-sys
2017-12-22 02:14 - 2017-12-22 02:14 - 000003254 _____ C:\WINDOWS\System32\Tasks\update-S-1-5-21-2107339062-2504870960-3837946639-1001
2017-12-22 02:14 - 2017-12-22 02:14 - 000000546 _____ C:\Users\Neville\AppData\Local\UserProducts.xml
2017-12-22 02:14 - 2017-12-22 02:14 - 000000000 ____D C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot
2017-12-22 02:14 - 2017-12-22 02:14 - 000000000 ____D C:\Users\Neville\AppData\Local\Skillbrains
2017-12-22 02:14 - 2017-12-22 02:14 - 000000000 ____D C:\Program Files (x86)\Skillbrains
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-01-19 06:05 - 2013-12-11 14:36 - 000000000 ____D C:\Users\Neville\AppData\Roaming\Adobe
2018-01-19 06:01 - 2015-01-23 06:27 - 000000000 ___DO C:\Users\Neville\OneDrive
2018-01-19 05:57 - 2013-08-22 20:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-19 05:55 - 2015-01-22 14:08 - 000000000 ____D C:\Users\postgres
2018-01-19 05:55 - 2013-08-22 18:55 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2018-01-19 05:51 - 2016-02-29 02:53 - 000000000 ____D C:\Users\Neville\AppData\Local\PrivateTunnel
2018-01-19 03:06 - 2015-01-25 13:56 - 000003774 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2EDEAA1B-DC61-4DA2-AC32-19AE130F8449}
2018-01-17 04:43 - 2013-12-30 12:01 - 000000000 ____D C:\Users\Neville\AppData\Local\PokerStars
2018-01-16 03:26 - 2017-11-30 04:20 - 000177536 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2018-01-16 03:26 - 2017-06-02 04:54 - 000450360 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2018-01-16 03:26 - 2017-06-02 04:54 - 000449848 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys.151605340881204
2018-01-16 03:26 - 2017-06-02 04:54 - 000351128 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2018-01-16 03:26 - 2017-06-02 04:54 - 000196904 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2018-01-16 03:26 - 2017-06-02 04:54 - 000139112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys.151605340881204
2018-01-16 03:26 - 2017-06-02 04:54 - 000139112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2018-01-16 03:26 - 2017-06-02 04:54 - 000102792 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2018-01-16 03:26 - 2017-06-02 04:54 - 000076832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2018-01-16 03:26 - 2017-06-02 04:54 - 000039424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2018-01-16 03:26 - 2017-06-02 04:54 - 000003920 _____ C:\WINDOWS\System32\Tasks\Antivirus Emergency Update
2018-01-16 03:25 - 2017-06-02 04:54 - 001017624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2018-01-16 03:25 - 2017-06-02 04:54 - 000337408 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbloga.sys
2018-01-16 03:25 - 2017-06-02 04:54 - 000315152 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdrivera.sys
2018-01-16 03:25 - 2017-06-02 04:54 - 000193096 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsha.sys
2018-01-16 03:25 - 2017-06-02 04:54 - 000166624 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbdiska.sys
2018-01-16 03:25 - 2017-06-02 04:54 - 000051336 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniva.sys
2018-01-15 23:34 - 2013-12-11 14:46 - 000000000 ____D C:\Users\Neville\AppData\Roaming\Skype
2018-01-14 02:19 - 2013-08-22 21:06 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-13 02:28 - 2013-12-11 14:43 - 000003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2107339062-2504870960-3837946639-1001
2018-01-12 20:41 - 2016-09-30 22:25 - 000000000 ____D C:\Program Files (x86)\Anvsoft
2018-01-12 05:44 - 2014-08-21 02:45 - 000000707 _____ C:\Users\Neville\Desktop\Mileage Programs.txt
2018-01-10 16:14 - 2013-08-22 19:06 - 000000000 ____D C:\WINDOWS\Inf
2018-01-10 00:07 - 2013-12-11 15:13 - 000004288 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-01-10 00:07 - 2013-08-22 21:06 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-01-10 00:07 - 2013-08-22 21:06 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-01-09 17:16 - 2012-07-26 13:29 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-07 21:51 - 2016-08-08 00:51 - 000000627 _____ C:\Users\Neville\Desktop\A52.txt
2018-01-07 02:39 - 2016-10-03 23:00 - 000000000 ___HD C:\Users\Guest\AppData\Roaming\BitTorrent
2018-01-07 02:39 - 2015-01-22 14:08 - 000000000 ____D C:\Users\Guest
2018-01-07 02:38 - 2017-11-21 23:59 - 000000000 ____D C:\Users\Guest\AppData\LocalLow\BitTorrent
2018-01-06 19:38 - 2016-10-11 09:32 - 000000000 ____D C:\Users\Lily
2018-01-06 19:37 - 2015-01-22 14:08 - 000000000 ____D C:\Users\Neville
2018-01-06 19:04 - 2014-07-15 16:19 - 000000000 ____D C:\Users\Neville\AppData\Roaming\vlc
2018-01-06 18:09 - 2016-09-30 22:26 - 000000000 ____D C:\Users\Neville\AppData\Roaming\Anvsoft
2018-01-06 17:54 - 2014-11-21 14:14 - 000869136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-06 17:33 - 2014-04-04 01:43 - 000002205 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-28 08:15 - 2014-10-07 13:44 - 000000512 _____ C:\Users\Neville\Desktop\Days in Canada.txt
2017-12-25 21:06 - 2017-02-23 07:29 - 000003846 _____ C:\Users\Neville\Desktop\New Text Document.txt
2017-12-23 18:46 - 2013-08-22 20:14 - 000523504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-21 18:15 - 2013-12-29 04:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-21 18:09 - 2017-11-17 02:22 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-21 18:08 - 2013-12-29 04:18 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-21 16:00 - 2013-08-22 21:06 - 000000000 ___HD C:\Program Files\WindowsApps
==================== Files in the root of some directories =======
2015-10-27 00:46 - 2015-10-25 12:46 - 000000040 ____H () C:\Program Files (x86)\4e98b98d.tmp
2014-01-06 04:18 - 2014-01-06 04:18 - 000069291 _____ () C:\Program Files (x86)\hminstalllog.txt
2017-12-22 02:14 - 2017-12-22 02:14 - 000000003 _____ () C:\Users\Neville\AppData\Local\updater.log
2017-12-22 02:14 - 2017-12-22 02:14 - 000000546 _____ () C:\Users\Neville\AppData\Local\UserProducts.xml
Some files in TEMP:
====================
2016-08-23 18:19 - 2016-07-20 14:01 - 000186640 ____H (AVG Technologies CZ, s.r.o.) C:\Users\Guest\AppData\Local\Temp\avguirn_08838862531.exe
2017-08-31 15:30 - 2017-08-31 15:30 - 000046080 ____N () C:\Users\Neville\AppData\Local\Temp\javasysmo3659213139603519291.dll
2017-12-02 04:32 - 2017-12-02 04:32 - 000137696 _____ (tmssoftware.com) C:\Users\Neville\AppData\Local\Temp\wusetup.exE
2015-09-22 08:59 - 2015-09-22 08:59 - 000155729 _____ () C:\Users\TEMP\AppData\Local\Temp\JExplorer32.2.7.1.dll
2015-09-22 08:59 - 2015-09-22 08:59 - 000008273 _____ (TeamDev Ltd) C:\Users\TEMP\AppData\Local\Temp\JExplorer32.2.7.1.exe
2015-09-22 08:59 - 2015-09-22 08:59 - 000000000 _____ () C:\Users\TEMP\AppData\Local\Temp\JExplorer64.2.7.1.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-18 03:09
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.01.2018 01
Ran by Neville (19-01-2018 06:07:50)
Running from C:\Users\Neville\Desktop
Windows 8.1 (Update) (X64) (2015-01-23 00:52:19)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2107339062-2504870960-3837946639-500 - Administrator - Disabled)
Guest (S-1-5-21-2107339062-2504870960-3837946639-501 - Limited - Enabled) => C:\Users\Guest
Lily (S-1-5-21-2107339062-2504870960-3837946639-1006 - Limited - Enabled) => C:\Users\Lily
Neville (S-1-5-21-2107339062-2504870960-3837946639-1001 - Administrator - Enabled) => C:\Users\Neville
postgres (S-1-5-21-2107339062-2504870960-3837946639-1003 - Limited - Enabled) => C:\Users\postgres
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adda52Poker version M2.0.0 (HKLM-x32\...\{82F792B3-0133-4D9C-B4CC-3E53CDBC342B}_is1) (Version: M2.0.0 - Gauss Networks Pvt. Ltd.)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.19 - Adobe Systems)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
AVG (HKLM\...\{434FBA38-0562-4F98-9436-4B45C0C0EF0B}) (Version: 1.201.2 - AVG Technologies) Hidden
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 17.9.3040 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.9.605 - AVG Technologies)
BitTorrent (HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\BitTorrent) (Version: 7.10.0.43917 - BitTorrent Inc.)
BitTorrent (HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\BitTorrent) (Version: 7.8.2.30445 - BitTorrent Inc.)
BodogPoker (HKLM-x32\...\{D7CA2DF8-95CE-4C80-9296-98E21219A1E7}}_is1) (Version: - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bovada Hand Converter (HKLM-x32\...\{1843AD45-F895-4E7B-BC65-CD1F76B48HDC}_is1) (Version: 1.0.0.43 - Ace Poker Solutions)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.181 - Broadcom Corporation)
Broadcom Wireless Utility (HKLM\...\{4CDA59B9-7AD3-4283-9F5C-BC469FF975B6}) (Version: 6.30.59.125 - Broadcom Corporation)
CarbonPoker (HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\CarbonPoker) (Version: 6.0 - )
CarbonPoker (HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\CarbonPoker) (Version: 6.0 - )
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5790 - CDBurnerXP)
Dropbox (HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.)
ESDL (HKLM-x32\...\{9A2CA016-1C4C-4D44-BF70-C2C8639C34A4}) (Version: 1.0.0 - Sony Corporation) Hidden
f.lux (HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\Flux) (Version: - f.lux Software LLC)
f.lux (HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\Flux) (Version: - )
FDUx86 (HKLM-x32\...\{3490653F-2789-46A1-B1BF-6BD4CF4131AB}) (Version: 1.0.0 - Sony Corporation) Hidden
FMW 1 (HKLM\...\{F64508FE-73C8-4C27-9CCA-3799C428B70B}) (Version: 1.223.1 - AVG Technologies) Hidden
Foxit Advanced PDF Editor 3 (HKLM-x32\...\B521582C-6BE3-491D-BCC8-FFB8301298E9_is1) (Version: 3.0.5.0 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Holdem Manager (HKLM-x32\...\HoldemManager) (Version: - )
Holdem Manager 2 (HKLM-x32\...\HoldemManager2) (Version: - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel® PROSet/Wireless NFC Software (HKLM\...\Intel® PROSet/Wireless NFC Software) (Version: 1.1.1.002 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
lightshot-3.4.0.0 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 3.4.0.0 - Skillbrains)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
Networkx64 (HKLM\...\{AD1A77F2-5E5F-4A1C-A5C5-74CE7CEC5EC6}) (Version: 1.0.0 - Sony Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
partypoker (HKLM-x32\...\PartyPoker) (Version: - PartyGaming)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
PokerSnowie (HKLM-x32\...\PokerSnowie_is1) (Version: - Snowie Games Ltd)
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
PokerStars Beta (HKLM-x32\...\PokerStars Beta) (Version: - PokerStars Beta)
PokerStove version 1.24 (HKLM-x32\...\{6D0C6BE4-F674-43D2-96BC-3509345108C9}_is1) (Version: - )
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
PrivateTunnel (HKLM-x32\...\PrivateTunnel) (Version: 2.5.5.14 - OpenVPN Technologies)
Reader for PC (HKLM-x32\...\{25340F94-F74E-4CCF-ABDF-ECBCF03911BE}) (Version: 2.0.00.07121 - Sony Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7177 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.28135 - Realtek Semiconductor Corp.)
Remote Keyboard (HKLM-x32\...\{6466EF6E-700E-470F-94CB-D0050302C84E}) (Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (HKLM-x32\...\{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}) (Version: 1.0.0 - Sony Corporation) Hidden
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.16.4.201603071758 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
SSLx64 (HKLM\...\{312395BC-7CC2-434C-A660-30250276A926}) (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (HKLM-x32\...\{63C43435-F428-42BA-8E7B-5848749D9262}) (Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.38475 - TeamViewer)
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - Remote Keyboard with PlayStation®3 (HKLM-x32\...\{E682702C-609C-4017-99E7-3129C163955F}) (Version: 1.2.1.05220 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.4.0.15030 - Sony Corporation)
VAIO BIOS Data Transfer Utility (HKLM-x32\...\{5D772F4A-53DE-4E1F-83F5-B08DFF106C60}) (Version: 1.0.0.02050 - Sony Corporation) Hidden
VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.8.0.13250 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.0.03070 - Sony Corporation)
VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.2.0.01230 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{9CE67959-AF22-4D93-8D49-CB73F015628E}) (Version: 2.2.0.01230 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.1.00.14260 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.2.0.01240 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.1.01.15140 - Sony Corporation) Hidden
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation)
VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation)
VCCMMx64 (HKLM\...\{B812401D-BAB2-4E33-9AC7-9862BC8CAF64}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMx86 (HKLM-x32\...\{CC87BAAD-AA25-4727-9B7C-E0876722B784}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx64 (HKLM\...\{25ECAFCB-DCFB-4FCE-A5B2-772A57F59860}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx64 (HKLM\...\{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (HKLM-x32\...\{AFDC0CC0-39E8-42C0-9823-2C1C182676DC}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (HKLM-x32\...\{B31938C7-7E97-49EE-8F88-951E156268A3}) (Version: 1.0.0 - Sony Corporation) Hidden
VHD (HKLM-x32\...\{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}) (Version: 1.0.0 - Sony Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VIx64 (HKLM\...\{D55EAC07-7207-44BD-B524-0F063F327743}) (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (HKLM-x32\...\{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}) (Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VoipConnect (HKLM-x32\...\VoipConnect_is1) (Version: 4.14 build 760 - Finarea S.A. Switzerland)
VPMx64 (HKLM\...\{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}) (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (HKLM\...\{4F31AC31-0A28-4F5A-8416-513972DA1F79}) (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (HKLM-x32\...\{B24BB74E-8359-43AA-985A-8E80C9219C70}) (Version: 1.0.0 - Sony Corporation) Hidden
VUx64 (HKLM\...\{A0A2BE14-D3FF-41C8-9545-4B130E3FE9A4}) (Version: 1.2.0 - Sony Corporation) Hidden
VUx86 (HKLM-x32\...\{D04F1D22-4A47-42C6-A2B9-094A7B844D9B}) (Version: 1.2.0 - Sony Corporation) Hidden
VWSTx86 (HKLM-x32\...\{B8991D99-88FD-41F2-8C32-DB70278D5C30}) (Version: 1.0.0 - Sony Corporation) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.8070 - Broadcom Corporation)
William Hill Poker (HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\William Hill Poker) (Version: - )
William Hill Poker (HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\William Hill Poker) (Version: - )
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinISO (HKLM-x32\...\WinISO) (Version: 6.4.0.5170 - WinISO Computing Inc.)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XperiaLinkx86 (HKLM-x32\...\{EE402ACB-8269-4E44-9CA1-D81FDC4B4545}) (Version: 1.0.0 - Sony Corporation) Hidden
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Neville\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Neville\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Neville\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2107339062-2504870960-3837946639-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Neville\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-01-16] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-03] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-03] (Alexander Roshal)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2014-10-02] (Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-01-16] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-03] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-03] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {024C722F-551D-41E6-A570-2FAAFF872442} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-01-16] ()
Task: {06579122-4774-4FE5-BA42-2DFCD63E686B} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {0B929CE9-5CD0-47A6-9859-0423FCA07A18} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2016-03-05] (Sony Corporation)
Task: {0EB38FC8-EB83-41E6-862F-84002080840C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {11183CC6-475F-4A52-9EEF-622927D6FEE0} - System32\Tasks\{B0988E86-0FC5-4456-B793-57B83BE615AA} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Neville\Desktop\PokerStoveSetup121.exe -d C:\Users\Neville\Desktop
Task: {14247623-9215-4D5E-83DA-C5D35B069FF0} - System32\Tasks\Sony Corporation\VAIO Care\UpdateConfig => C:\ProgramData\Sony Corporation\VCM Data\UpdateConfig.exe [2015-03-03] (Sony Corporation)
Task: {28EAF5D8-B94E-418A-A4E3-DDB193749F87} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {2E43AAE8-AB2F-419D-9EDB-DA280E4FD25E} - System32\Tasks\update-S-1-5-21-2107339062-2504870960-3837946639-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2013-01-16] ()
Task: {2FBCE8A5-96DC-4092-B3AD-AC9E71801E2A} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22] (Oracle Corporation)
Task: {4FEB958B-B275-4675-A1FB-965F793A8CA0} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {5179E4E0-AA1B-48C0-B87F-9522BF8136AD} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2014-11-18] (Sony Corporation)
Task: {52E4841A-71D1-429B-8041-2303E3275D42} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {5498C027-A95D-4CC9-99B4-6ACEC1536CED} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {56A8D7F9-58D8-48E0-BA81-2D60AAFB2BB5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-10] (Adobe Systems Incorporated)
Task: {5FFDE82F-2052-415A-9386-946E288BF596} - System32\Tasks\TinyTakeUpgrade => C:\Users\Neville\AppData\Local\MangoApps\TinyTake by MangoApps\TinyTake.exe
Task: {603759C9-3B36-44C1-A9CD-90E2171C9CBD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {618D2C93-D838-414F-AAD3-979C1ACB1642} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-15] (Apple Inc.)
Task: {684817BB-2A3D-4E29-94B0-CD3E80177905} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-23] (Sony Corporation)
Task: {6FB19CEE-A97B-468E-9405-292CFD3C450F} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-01-25] (Sony Corporation)
Task: {8ADFB8F6-4081-47E9-AA8D-018198CFE593} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-01-05] (AVG Technologies CZ, s.r.o.)
Task: {8F210BC0-738A-4D76-B866-CAAC5C3CEC4B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-12-21] (Microsoft Corporation)
Task: {901F6140-3B3C-48BE-BE18-809E09446CCA} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-31] (Sony Corporation)
Task: {9EFD2EEB-8E91-4986-A8F2-BAAE756043E8} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
Task: {A1806928-5204-420F-94D8-4390119A4658} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => C:\ProgramData\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {A226E913-2A47-4362-A349-EFFFA5792A3B} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe [2013-09-28] (Sony Corporation)
Task: {AB3F1085-EF63-45DB-A5E8-348B7E6E2857} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation)
Task: {B78E69AE-B46C-4F0C-B396-CA3D1FC99691} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-05-27] (Synaptics Incorporated)
Task: {C16E56E5-B20A-4B67-B8C3-590CFC4D8547} - System32\Tasks\{6648CC50-44D1-43B1-8BE7-860D3610D2F0} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.25.0.106/en/abandoninstall?page=tsProgressBar
Task: {CC9C9BA3-0A4D-412E-9711-02ADBA449800} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2018-01-16] (AVG Technologies CZ, s.r.o.)
Task: {D0686BE4-176F-47F2-B1A1-26848FA9E4E9} - System32\Tasks\Sony Corporation\VAIO Hardware Diagnostics\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-01-25] (Sony Corporation)
Task: {D2BDFCC8-A2A9-45B4-96AB-2A7ECE41DD7B} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2014-11-18] (Sony Corporation)
Task: {D5DE55C0-234E-45D9-9307-0CC90B346B85} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {DA446F9E-8A05-47FE-9B15-0C243127AFC0} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\update-S-1-5-21-2107339062-2504870960-3837946639-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\Neville\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-gpu"
ShortcutWithArgument: C:\Users\Neville\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\bd11788ef691d780\Adda52.lnk -> C:\Program Files (x86)\Adda52 Poker\poker.exe (Gauss Networks Pvt. Ltd.) -> --user-data-dir="C:\Users\Neville\AppData\Local\Adda52\User Data" --profile-directory=Default --app-id=ghjijcjmdklnkdnoomgfobfmlehphhpp
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-gpu"
==================== Loaded Modules (Whitelisted) ==============
2013-09-05 09:47 - 2013-09-05 09:47 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-21 01:53 - 2010-10-21 01:53 - 008801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-07-14 06:20 - 2017-07-14 06:20 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-25 12:05 - 2013-10-25 12:05 - 000049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2016-02-19 02:52 - 2016-02-19 02:52 - 001493224 _____ () C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe
2018-01-06 17:33 - 2018-01-03 14:50 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll
2018-01-06 17:33 - 2018-01-03 14:50 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll
2014-01-06 04:15 - 2011-01-28 10:45 - 000172032 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\LIBPQ.dll
2014-01-06 04:15 - 2009-02-13 00:31 - 000976384 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\libxml2.dll
2014-01-06 04:15 - 2005-07-20 16:18 - 000059904 _____ () C:\Program Files (x86)\PostgreSQL\8.4\bin\zlib1.dll
2016-11-28 22:09 - 2016-11-28 22:09 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2018-01-16 03:25 - 2018-01-16 03:25 - 000207272 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll
2018-01-16 03:25 - 2018-01-16 03:25 - 000059136 _____ () C:\Program Files (x86)\AVG\Antivirus\module_lifetime.dll
2018-01-16 03:25 - 2018-01-16 03:25 - 000058624 _____ () C:\Program Files (x86)\AVG\Antivirus\dll_loader.dll
2017-07-12 04:06 - 2017-07-12 04:06 - 067109376 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2018-01-16 03:25 - 2018-01-16 03:25 - 000290392 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll
2013-10-27 11:30 - 2013-01-23 14:56 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Program Files (x86)\Intertops Poker:MID [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 18:55 - 2013-08-22 18:55 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Neville\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 13 img1 Wallpaper 1366x768.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "PrivateTunnel.lnk"
HKLM\...\StartupApproved\Run: => "Bluetooth"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "vProt"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\StartupApproved\Run: => "CloudSystemBooster"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\StartupApproved\Run: => "CPN Notifier"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\StartupApproved\Run: => "*LABAL*"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\StartupApproved\Run: => "CloudSystemBooster"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-2107339062-2504870960-3837946639-1003\...\StartupApproved\Run: => "CPN Notifier"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F084201A-A7D8-44A9-A765-F0D9584E5EFD}] => (Allow) C:\Program Files (x86)\Intertops Poker\PokerClient.exe
FirewallRules: [{4434A480-C8DA-41E6-A1B3-A739C9A96B69}] => (Allow) C:\Program Files (x86)\Intertops Poker\PokerClient.exe
FirewallRules: [{3ECC34DC-19CA-4393-A2E3-41E2820A2225}] => (Allow) C:\Users\Neville\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{A1D51E74-2948-469A-928F-704EBD4CDFA8}] => (Allow) C:\Users\Neville\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{7A7D3E58-B6F5-4532-A839-204CE20ACE00}] => (Allow) LPort=5432
FirewallRules: [{B3F73D6A-D788-4282-A2C9-7D394868C820}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{DF8C06FD-95DB-4BCE-AD7C-2FBE6CB042BF}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{CE415401-76A6-40E4-8BB2-7FE79BA8AF22}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{1F93BCB9-CC2D-4BB4-B163-FEC221BBBCAD}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [UDP Query User{B7761E61-F2AC-48BD-A196-07CCE1A1DF3D}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [{94592703-7F49-4685-97C3-1997490A0C8F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{B467D672-A6BD-4AD7-863B-78ACA6FF3408}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3672522E-52BB-46C8-ADAE-56456380960F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1D97DD2B-FB72-4C9C-A448-357F636917ED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{39E7E607-6D17-4793-BB76-D03AAAD55F23}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [UDP Query User{646241AB-77E1-467B-AFFF-C2A2908663CB}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [TCP Query User{FCC9C41D-06D4-41C4-B398-B16209969AFA}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe
FirewallRules: [UDP Query User{BF7F3FA2-3AA9-4BB5-AB25-D6D2592458BB}C:\windows\system32\settingsynchost.exe] => (Block) C:\windows\system32\settingsynchost.exe
FirewallRules: [TCP Query User{62C78096-5BC7-48E3-BCA8-5EBB53B3D9DB}D:\ezwizard.exe] => (Allow) D:\ezwizard.exe
FirewallRules: [UDP Query User{2468B7C0-AA2E-40A5-BFC9-4C1FD60A1FF5}D:\ezwizard.exe] => (Allow) D:\ezwizard.exe
FirewallRules: [{3ADC594E-A7F8-457F-8DC0-D0F9B3318877}] => (Block) D:\ezwizard.exe
FirewallRules: [{51111525-21CD-4A69-ADD3-4E0E9A4C7BF7}] => (Block) D:\ezwizard.exe
FirewallRules: [{DFD8FEDE-1A30-4E81-A85D-6208F622E0A0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0825714A-D8AD-4144-A3F3-B7D56AC6CE90}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5241025F-F366-4041-9BEE-041CFB78C144}] => (Allow) C:\Program Files (x86)\Intertops Poker\PokerClient.exe
FirewallRules: [{8A7FE851-DC0F-4127-B429-54D67EE3EB65}] => (Allow) C:\Program Files (x86)\Intertops Poker\PokerClient.exe
FirewallRules: [{98321966-74DF-4B11-8692-B02212A3C595}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{5A36CD8D-BBA5-42D5-8F43-5019AB788A05}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{0A5F5EE9-A4B6-4AB8-A4F0-07A2252D978E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{24B507A7-4C23-4B31-A79B-B1207D41593F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4AAFA1F2-FB1D-4766-9FF5-D0013225D7D0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E4232EA6-99E1-494B-80AB-0029BE401EF0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{59799577-A542-48F7-AF9C-4CDC525BED29}] => (Allow) C:\Users\Guest\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{521C03BC-DFF8-4A82-98B6-126F013F76CD}] => (Allow) C:\Users\Guest\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{13A9C92F-819B-481F-AB35-C3C55B1C98F6}] => (Allow) C:\Users\Guest\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{453A9FAD-9D52-44F4-B4BD-DDBE14BBAE02}] => (Allow) C:\Users\Guest\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{DA2E4BE0-4348-41D2-B3CA-927760523F31}] => (Allow) C:\Users\Guest\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{E4EE3A9B-CB9D-45CC-B354-EE53414EFD57}] => (Allow) C:\Users\Guest\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{1CF19A98-1235-4A97-A512-8A829CE4493A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{75D3A94A-342E-476F-86F2-A0C54627834A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7FC05073-F315-403B-8503-8CA69848F3B8}] => (Allow) LPort=5556
FirewallRules: [{173A9B11-8EFB-438C-AF3E-7B11D21A6BB7}] => (Allow) LPort=5558
FirewallRules: [{AE8B1B41-EA4B-457A-AD19-BEEA36D0F8C6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{61451A74-7562-4EDA-9FCD-8A2673A1D39E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7BA3A94F-5C24-49F8-ADC1-E27CA6F1F08E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{A8A246D6-3BB1-46F7-AD31-123C7F6711DB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
30-11-2017 04:39:27 Windows Update
02-12-2017 02:49:39 Broadcom BTW Restore Point
21-12-2017 18:07:32 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/19/2018 06:09:05 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:39:05Z. Error Code: 0x80041318.
Error: (01/19/2018 06:08:35 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:38:35Z. Error Code: 0x80041318.
Error: (01/19/2018 06:08:05 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:38:05Z. Error Code: 0x80041318.
Error: (01/19/2018 06:07:35 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:37:35Z. Error Code: 0x80041318.
Error: (01/19/2018 06:07:05 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:37:05Z. Error Code: 0x80041318.
Error: (01/19/2018 06:06:35 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:36:35Z. Error Code: 0x80041318.
Error: (01/19/2018 06:06:05 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:36:05Z. Error Code: 0x80041318.
Error: (01/19/2018 06:05:35 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:35:35Z. Error Code: 0x80041318.
Error: (01/19/2018 06:05:05 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:35:05Z. Error Code: 0x80041318.
Error: (01/19/2018 06:04:35 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2117-12-26T00:34:35Z. Error Code: 0x80041318.
System errors:
=============
Error: (01/19/2018 05:57:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (01/19/2018 05:57:28 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the AVG Service service to connect.
Error: (01/19/2018 05:57:10 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
Error: (01/19/2018 05:55:45 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
Error: (01/19/2018 05:55:45 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
Error: (01/19/2018 05:55:41 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
Module Path: C:\WINDOWS\System32\bcmihvsrv64.dll
Error: (01/19/2018 05:55:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Genuine Software Integrity Service service terminated unexpectedly. It has done this 1 time(s).
Error: (01/19/2018 05:55:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Management and Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s).
Error: (01/19/2018 05:55:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® ME Service service terminated unexpectedly. It has done this 1 time(s).
Error: (01/19/2018 05:55:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Intel® Capability Licensing Service Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
CodeIntegrity:
===================================
Date: 2018-01-19 05:54:55.901
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-01-19 05:54:54.991
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-01-19 05:54:54.005
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-01-19 05:54:53.052
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-01-19 05:54:52.061
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-01-19 05:54:51.101
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-01-19 05:54:50.121
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-01-19 05:54:49.155
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-01-19 05:54:48.242
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
Date: 2018-01-19 05:54:47.313
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i5-3337U CPU @ 1.80GHz
Percentage of memory in use: 29%
Total physical RAM: 8070.8 MB
Available physical RAM: 5656.18 MB
Total Virtual: 10630.8 MB
Available Virtual: 8254.28 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:665.34 GB) (Free:410.43 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: F4E95A4A)
Partition: GPT.
==================== End of Addition.txt ============================
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 94.68 0 K 4 K 0
procexp64.exe 2.26 39,452 K 51,596 K 4524 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
chrome.exe 1.11 247,112 K 254,220 K 772 Google Chrome Google Inc. (Verified) Google Inc
Interrupts 0.52 0 K 0 K n/a Hardware Interrupts and DPCs
dwm.exe 0.45 16,092 K 23,216 K 876
System 0.22 120 K 4,016 K 4
csrss.exe 0.20 2,628 K 20,632 K 568
explorer.exe 0.16 46,412 K 89,648 K 1788 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
AVGUI.exe 0.06 20,912 K 37,168 K 2032 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
svchost.exe 0.04 71,408 K 83,776 K 496 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
VESMgrSub.exe 0.04 4,332 K 11,908 K 2856
AVGSvc.exe 0.04 99,132 K 40,656 K 1092 AVG Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
chrome.exe 0.04 102,892 K 167,792 K 4344 Google Chrome Google Inc. (Verified) Google Inc
AppleMobileDeviceService.exe 0.02 3,100 K 9,968 K 1852 MobileDeviceService Apple Inc. (Verified) Apple Inc.
BCMWLTRY.EXE 0.02 34,212 K 31,724 K 2896
chrome.exe 0.02 74,044 K 78,860 K 2644 Google Chrome Google Inc. (Verified) Google Inc
LMS.exe 0.02 1,396 K 4,544 K 5932 Local Manageability Service Intel Corporation (Verified) Intel Corporation
aswidsagenta.exe 0.02 15,932 K 31,888 K 4492 AVG Software Analyzer AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
flux.exe 0.02 11,592 K 21,204 K 4908 f.lux f.lux Software LLC (Verified) F.lux Software LLC
WLTRAY.EXE 0.01 35,284 K 36,716 K 4748 Broadcom 802.11 Network Adapter Wireless Network Tray Applet Broadcom Corporation (No signature was present in the subject) Broadcom Corporation
chrome.exe < 0.01 52,912 K 64,492 K 2328 Google Chrome Google Inc. (Verified) Google Inc
AGSService.exe < 0.01 2,392 K 8,132 K 1796 Adobe Genuine Software Integrity Service Adobe Systems, Incorporated (Verified) Adobe Systems Incorporated
svchost.exe < 0.01 4,328 K 7,932 K 780 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 29,004 K 42,672 K 952 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 18,832 K 24,944 K 1392 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
csrss.exe < 0.01 2,048 K 4,240 K 516
SearchIndexer.exe < 0.01 25,220 K 24,732 K 4208 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
postgres.exe < 0.01 4,208 K 7,640 K 2692
mDNSResponder.exe < 0.01 1,428 K 4,884 K 1544 Bonjour Service Apple Inc. (Verified) Apple Inc.
services.exe < 0.01 3,536 K 6,992 K 664
avguix.exe < 0.01 6,392 K 19,660 K 4552 AVG User Interface AVG Technologies CZ, s.r.o. (Verified) AVG Technologies CZ
postgres.exe < 0.01 4,208 K 7,400 K 2700
conhost.exe < 0.01 772 K 3,008 K 2548
SynTPEnh.exe < 0.01 5,652 K 808 K 1740 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
lsass.exe < 0.01 4,704 K 12,196 K 672 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
postgres.exe < 0.01 4,116 K 7,084 K 2716
postgres.exe < 0.01 4,236 K 7,636 K 2708
taskhost.exe < 0.01 9,920 K 12,288 K 5980
WUDFHost.exe 2,600 K 7,616 K 1668
wuauclt.exe 1,792 K 6,672 K 5608 Windows Update Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 2,420 K 6,748 K 3068
WmiPrvSE.exe 2,372 K 6,328 K 5644
WLTRYSVC.EXE 632 K 2,848 K 2868
wlanext.exe 1,552 K 5,892 K 1080
winlogon.exe 1,412 K 8,104 K 604
wininit.exe 792 K 3,840 K 576
VUAgent.exe 4,776 K 13,096 K 6088 VUAgent Sony Corporation (Verified) Sony Corporation
vim.exe 3,352 K 640 K 4416
vim.exe 3,484 K 568 K 1748 VAIO Control Center (vim Module) Sony Corporation (Verified) Sony Corporation
VESMgrSub.exe 3,216 K 9,808 K 2832
VESMgr.exe 1,784 K 6,424 K 2684 VAIO Control Center (Service Module) Sony Corporation (Verified) Sony Corporation
VAIOUpdt.exe 2,572 K 1,332 K 5080
UNS.exe 3,588 K 11,216 K 1536 User Notification Service Intel Corporation (Verified) Intel Corporation
TeamViewer_Service.exe 4,972 K 12,968 K 2424 TeamViewer 10 TeamViewer GmbH (Verified) TeamViewer
taskhostex.exe 4,648 K 10,788 K 1636 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
SynTPHelper.exe 1,036 K 212 K 1752
svchost.exe 3,712 K 9,596 K 3228 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,672 K 11,144 K 740 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 25,704 K 32,740 K 912 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 10,584 K 19,120 K 980 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,920 K 14,440 K 80 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,488 K 12,932 K 1552 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,948 K 6,464 K 2404 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,332 K 4,704 K 1404 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
SUSSoundProxy.exe 2,788 K 6,472 K 3528
sppsvc.exe 2,936 K 9,052 K 6072 Microsoft Software Protection Platform Service Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 4,008 K 11,072 K 1364 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 340 K 1,044 K 372
SkyDrive.exe 8,680 K 14,288 K 4564 OneDrive Sync Engine Microsoft Corporation (Verified) Microsoft Windows
SettingSyncHost.exe 7,744 K 2,688 K 3876 Host Process for Setting Synchronization Microsoft Corporation (Verified) Microsoft Windows
RIconMan.exe 1,644 K 5,784 K 1948 Realtek Card Reader Patch Tool. Realsil Microelectronics Inc. (Verified) Realtek Semiconductor Corp
RAVBg64.exe 5,100 K 9,972 K 4688 HD Audio Background Process Realtek Semiconductor (Verified) Realtek Semiconductor Corp
procexp.exe 2,640 K 7,396 K 3724 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PresentationFontCache.exe 25,168 K 16,512 K 3336 PresentationFontCache.exe Microsoft Corporation (Verified) Microsoft Corporation
postgres.exe 4,472 K 9,860 K 2540
pg_ctl.exe 2,488 K 6,832 K 2288 pg_ctl - starts/stops/restarts the PostgreSQL server PostgreSQL Global Development Group (No signature was present in the subject) PostgreSQL Global Development Group
ovpnagent.exe 1,016 K 4,604 K 2168
NetworkClient.exe 2,500 K 468 K 852 VAIO Control Center (Network Setting Client) Sony Corporation (Verified) Sony Corporation
Jhi_service.exe 1,084 K 4,572 K 2132 Intel® Dynamic Application Loader Host Interface Intel Corporation (Verified) Intel Corporation
IntelMeFWService.exe 1,176 K 3,964 K 5860 Intel® ME Service Intel Corporation (Verified) Intel Corporation
igfxTray.exe 12,676 K 18,152 K 2660 igfxTray Module Intel Corporation (Verified) Intel Corporation - pGFX
igfxHK.exe 5,016 K 10,016 K 2612 igfxHK Module Intel Corporation (Verified) Intel Corporation - pGFX
igfxEM.exe 7,320 K 13,620 K 2460 igfxEM Module Intel Corporation (Verified) Intel Corporation - pGFX
igfxCUIService.exe 1,612 K 6,352 K 400 igfxCUIService Module Intel Corporation (Verified) Intel Corporation - pGFX
HeciServer.exe 1,220 K 5,096 K 2100 Intel® Capability Licensing Service Interface Intel® Corporation (Verified) Intel® Upgrade Service
GoogleCrashHandler64.exe 1,520 K 172 K 5752
GoogleCrashHandler.exe 1,696 K 200 K 6028
dllhost.exe 1,380 K 4,172 K 4508
dllhost.exe 1,476 K 5,644 K 3164
dllhost.exe 2,636 K 7,780 K 5652
dasHost.exe 3,292 K 10,084 K 1564
conhost.exe 640 K 2,764 K 1100
chrome.exe 28,468 K 36,408 K 3904 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 32,120 K 39,676 K 3888 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 32,144 K 31,936 K 4900 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 1,920 K 5,932 K 2464 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 2,104 K 6,588 K 2668 Google Chrome Google Inc. (Verified) Google Inc
btwdins.exe 1,892 K 6,584 K 1688 Bluetooth Support Server Broadcom Corporation. (Verified) Broadcom Corporation
audiodg.exe 7,956 K 10,916 K 5460
armsvc.exe 1,052 K 4,144 K 1580 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
AdobeARM.exe 3,352 K 392 K 5628 Adobe Reader and Acrobat Manager Adobe Systems Incorporated (Verified) Adobe Systems
acrotray.exe 2,096 K 6,448 K 2628 AcroTray Adobe Systems Inc. (Verified) Adobe Systems

Image Name PID Services
========================= ======== ============================================
System Idle Process 0 N/A
System 4 N/A
smss.exe 372 N/A
csrss.exe 516 N/A
csrss.exe 568 N/A
wininit.exe 576 N/A
winlogon.exe 604 N/A
services.exe 664 N/A
lsass.exe 672 SamSs
svchost.exe 740 BrokerInfrastructure, DcomLaunch, LSM,
PlugPlay, Power, SystemEventsBroker
svchost.exe 780 RpcEptMapper, RpcSs
dwm.exe 876 N/A
svchost.exe 912 Audiosrv, Dhcp, EventLog,
HomeGroupProvider, lmhosts, Wcmsvc, wscsvc
svchost.exe 952 AeLookupSvc, Appinfo, BITS, Browser, gpsvc,
iphlpsvc, LanmanServer, MMCSS, ProfSvc,
Schedule, SENS, ShellHWDetection, Themes,
Winmgmt, wuauserv
svchost.exe 980 bthserv, EventSystem, fdPHost, FontCache,
netprofm, nsi, WdiServiceHost,
WinHttpAutoProxySvc
igfxCUIService.exe 400 igfxCUIService1.0.0.0
svchost.exe 496 AudioEndpointBuilder,
DeviceAssociationService, hidserv,
NcbService, Netman, PcaSvc, SysMain,
TrkWks, WdiSystemHost, WlanSvc, wudfsvc
svchost.exe 80 CryptSvc, Dnscache, LanmanWorkstation,
NlaSvc
wlanext.exe 1080 N/A
AVGSvc.exe 1092 AVG Antivirus
conhost.exe 1100 N/A
spoolsv.exe 1364 Spooler
svchost.exe 1392 BFE, DPS, MpsSvc, NcdAutoSetup
armsvc.exe 1580 AdobeARMservice
taskhostex.exe 1636 N/A
SynTPEnh.exe 1740 N/A
explorer.exe 1788 N/A
AGSService.exe 1796 AGSService
AppleMobileDeviceService. 1852 Apple Mobile Device Service
NetworkClient.exe 852 N/A
mDNSResponder.exe 1544 Bonjour Service
btwdins.exe 1688 btwdins
svchost.exe 1552 DiagTrack
RIconMan.exe 1948 IconMan_R
dasHost.exe 1564 N/A
HeciServer.exe 2100 Intel® Capability Licensing Service Interf
ace
Jhi_service.exe 2132 jhi_service
ovpnagent.exe 2168 ovpnagent
pg_ctl.exe 2288 postgresql-8.4
svchost.exe 2404 stisvc
TeamViewer_Service.exe 2424 TeamViewer
postgres.exe 2540 N/A
conhost.exe 2548 N/A
VESMgr.exe 2684 VAIO Event Service
postgres.exe 2692 N/A
postgres.exe 2700 N/A
postgres.exe 2708 N/A
postgres.exe 2716 N/A
VESMgrSub.exe 2832 N/A
VESMgrSub.exe 2856 N/A
WLTRYSVC.EXE 2868 wltrysvc
BCMWLTRY.EXE 2896 N/A
dllhost.exe 3164 N/A
svchost.exe 3228 FDResPub, SensrSvc, SSDPSRV, TimeBroker
PresentationFontCache.exe 3336 FontCache3.0.0.0
SUSSoundProxy.exe 3528 N/A
SettingSyncHost.exe 3876 N/A
svchost.exe 1404 PolicyAgent
WUDFHost.exe 1668 N/A
igfxEM.exe 2460 N/A
igfxHK.exe 2612 N/A
igfxTray.exe 2660 N/A
SearchIndexer.exe 4208 WSearch
aswidsagenta.exe 4492 avgbIDSAgent
SkyDrive.exe 4564 N/A
RAVBg64.exe 4688 N/A
WLTRAY.EXE 4748 N/A
VAIOUpdt.exe 5080 N/A
avguix.exe 4552 N/A
flux.exe 4908 N/A
chrome.exe 4344 N/A
chrome.exe 2464 N/A
WmiPrvSE.exe 3068 N/A
chrome.exe 2668 N/A
acrotray.exe 2628 N/A
chrome.exe 2328 N/A
chrome.exe 4900 N/A
chrome.exe 2644 N/A
chrome.exe 3888 N/A
chrome.exe 3904 N/A
AVGUI.exe 2032 N/A
IntelMeFWService.exe 5860 Intel® ME Service
LMS.exe 5932 LMS
GoogleCrashHandler.exe 6028 N/A
sppsvc.exe 6072 sppsvc
UNS.exe 1536 UNS
GoogleCrashHandler64.exe 5752 N/A
chrome.exe 772 N/A
wuauclt.exe 5608 N/A
SynTPHelper.exe 1752 N/A
vim.exe 4416 N/A
vim.exe 1748 N/A
dllhost.exe 5652 N/A
VUAgent.exe 6088 VUAgent
AdobeARM.exe 5628 N/A
audiodg.exe 5460 N/A
procexp.exe 3724 N/A
procexp64.exe 4524 N/A
taskhost.exe 5980 N/A
WmiPrvSE.exe 5644 N/A
SearchProtocolHost.exe 3208 N/A
SearchFilterHost.exe 5544 N/A
taskeng.exe 1320 N/A
chrome.exe 5872 N/A
cmd.exe 5260 N/A
conhost.exe 3552 N/A
tasklist.exe 2784 N/A